<?php

namespace app\controllers\permission;

use app\common\base\CommonController;

/**
 * 权限控制器
 * * 授予、回收用户操作权限（admin）
 * * 检查当前有效权限（放在service中，方便操作功能调用）
 */
class PermissionController extends CommonController
{
    /**
     * 授予用户权限
     */
    public function actionGrant()
    {
        $this->rules = [
            [['grant_userId', 'deviceId', 'right', 'start_timestamp', 'end_timestamp'], 'required'],
            [['grant_userId', 'deviceId', 'right'], 'integer'],
            [['start_timestamp', 'end_timestamp'], 'integer'],
        ];
        $inputs = $this->validate();

        if(!$this->userInfo->isAdmin){
            return parent::error('ERROR_NO_RIGHTS', '无访问权限');
        }

        $info = parent::callModuleService('permission', 'PermissionService', 'grant', 
                                            $inputs['grant_userId'], $inputs['deviceId'], $inputs['right'], 
                                            $inputs['start_timestamp'], $inputs['end_timestamp']);

        return [
            'success' => $info['success']
        ];
    }

    /**
     * 回收用户权限
     */
    public function actionRevoke()
    {
        $this->rules = [
            [['revoke_userId', 'deviceId'], 'required'],
            [['revoke_userId', 'deviceId'], 'integer'],
        ];
        $inputs = $this->validate();
        
        if(!$this->userInfo->isAdmin){
            return parent::error('ERROR_NO_RIGHTS', '无访问权限');
        }

        $info = parent::callModuleService('permission', 'PermissionService', 'revoke', $inputs['revoke_userId'], $inputs['deviceId']);

        return [
            'success' => $info
        ];
    }

    public function actionGetOps()
    {
        $info = parent::callModuleService('log', 'OperationService', 'list');
        return $info;
    }
}